From owner-freebsd-advocacy Fri Nov 15 16:27:28 2002 Delivered-To: freebsd-advocacy@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E19DF37B401 for ; Fri, 15 Nov 2002 16:27:26 -0800 (PST) Received: from falcon.mail.pas.earthlink.net (falcon.mail.pas.earthlink.net [207.217.120.74]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8784043E3B for ; Fri, 15 Nov 2002 16:27:21 -0800 (PST) (envelope-from tlambert2@mindspring.com) Received: from pool0182.cvx22-bradley.dialup.earthlink.net ([209.179.198.182] helo=mindspring.com) by falcon.mail.pas.earthlink.net with esmtp (Exim 3.33 #1) id 18Cqnp-0001ul-00; Fri, 15 Nov 2002 16:27:14 -0800 Message-ID: <3DD59091.61B01AF0@mindspring.com> Date: Fri, 15 Nov 2002 16:25:53 -0800 From: Terry Lambert X-Mailer: Mozilla 4.79 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Dru Cc: advocacy@freebsd.org Subject: Re: PR opportunity? References: <20021115121330.S209-100000@dhcp-17-14.kico2.on.cogeco.ca> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-advocacy@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Dru wrote: > I've been approached by a journalist from a security print magazine/daily > security newswire. I've been asked to comment on the tcpdump trojan and > the pattern of increased attacks against open source software FTP sites. > > My first instinct is to reply with a simple "no comment". However, I > wonder if this is a possible PR opportunity for a very carefully worded > response from the FreeBSD community. > > Comments, suggestions? It's the next escalation in the computer security arms race, and we've been expecting it. Unfortunately, security is a journey, not a destination. This really isn't purely a "FreeBSD thing" or an "Open Source thing": Microsoft is facing the same attacks, if Windows ever becomes harder to attack directly. As more and more companies are switching from Microsoft operating systems to FreeBSD and other Open Source alternatives, hackers are finding it more and more difficult to attack them directly. Once you can't attack an operating system like FreeBSD directly, you have to attack it indirectly; this is most easily done by attacking the applications it runs, instead. If Microsoft Windows wasn't so easy to break into, you would see the same thing happening to Windows applications. Keep in mind that what they have really compromised in not FreeBSD, or even the Open Source application -- in this case tcpdump -- but the servers and software that delivers the application to the users. This is a classic "man in the middle" attack. Now that Microsoft has moved to a subscription service, where you pay for the same software over and over, and give Microsoft total access to your computer to update or modify the data on it, they are vulnerable to these kinds of attacks, as well as attacks on the middleman they use to access your computer. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-advocacy" in the body of the message